Kenya recorded an unprecedented surge in cyber threats in the first quarter of 2025, with over 2.5 billion attacks detected between January and March 2025.
This marks a staggering 201.7 per cent increase from the 840.9 million threats reported in the previous quarter, according to the latest Sector Statistics Report released by the Communications Authority of Kenya (CA) on Monday, June 30, 2025.
The report attributes the spike to increased exposure stemming from Kenya’s rapid digital adoption, with system vulnerabilities identified as the most exploited weak point.
These vulnerabilities accounted for 2.47 billion incidents, representing a 228.3 per cent surge from 752.4 million cases in the previous quarter.
“System vulnerabilities dominated the threats,” CA stated, highlighting persistent gaps in software and infrastructure protections across both public and private sectors.
While some forms of cyber-attacks declined, including malware (down 27.6 per cent ), brute force attacks (down 2.8 per cent ), and DDoS attacks (down 75.6 per cent), the overall rise in threat volume signals a growing sophistication in how attacks are deployed.
Advisories
In response to the surge, the Kenya Computer Incident Response Team (KE-CIRT/CC) issued 13.2 million cybersecurity advisories, up 14.2 per cent from 11.6 million in the previous quarter.
The most notable advisory spikes included DDoS alerts, which jumped 158.8 per cent, and mobile application attacks, which rose 61.2 per cent.
“A total of 13.2 million advisories were issued in response to the cyber threats detected,” the report noted.
The CA emphasised that the rise in threats and corresponding advisories reflects Kenya’s expanding digital landscape, driven by increased use of mobile phones, broadband internet, and smart devices.
In its conclusion, the Authority observed that the ICT sector showed steady growth during the period, propelled by mobile penetration, wider access to smart and feature phones, and mobile network expansion.
“The quarter was marked by growth in mobile, data, and broadband subscriptions… and demonstrates a positive trend toward greater connectivity and digital adoption,” the report stated.
However, the Authority warned that this connectivity must be matched with equal investment in cybersecurity infrastructure, or the country risks facing even more aggressive threats in the months ahead.
